* [PATCH v4 net-next 1/3] bonding: fix bond_3ad_set_carrier() RCU usage
2014-01-10 10:59 [PATCH v4 net-next 0/3] bonding: fix bond_3ad RCU usage Veaceslav Falico
@ 2014-01-10 10:59 ` Veaceslav Falico
2014-01-10 10:59 ` [PATCH v4 net-next 2/3] bonding: fix __get_first_agg " Veaceslav Falico
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: Veaceslav Falico @ 2014-01-10 10:59 UTC (permalink / raw)
To: netdev; +Cc: Veaceslav Falico, dingtianhong, Jay Vosburgh, Andy Gospodarek
Currently, its usage is just plainly wrong. It first gets a slave under
RCU, and, after releasing the RCU lock, continues to use it - whilst it can
be freed.
Fix this by ensuring that bond_3ad_set_carrier() holds RCU till it uses its
slave (or its agg).
Fixes: be79bd048ab ("bonding: add RCU for bond_3ad_state_machine_handler()")
CC: dingtianhong@huawei.com
CC: Jay Vosburgh <fubar@us.ibm.com>
CC: Andy Gospodarek <andy@greyhouse.net>
Signed-off-by: Veaceslav Falico <vfalico@redhat.com>
---
Notes:
v3 -> v4:
Remove the useless goto out.
v2 -> v3:
Just wrap RCU for the whole usage of our slave.
v1 -> v2:
Don't use _rcu primitives as we can be called under RTNL too.
v2 -> v3:
Just wrap RCU for the whole usage of our slave.
v1 -> v2:
Don't use _rcu primitives as we can be called under RTNL too.
v1 -> v2:
Don't use _rcu primitives as we can be called under RTNL too.
drivers/net/bonding/bond_3ad.c | 22 +++++++++++-----------
1 file changed, 11 insertions(+), 11 deletions(-)
diff --git a/drivers/net/bonding/bond_3ad.c b/drivers/net/bonding/bond_3ad.c
index 29db1ca..da0d7c5 100644
--- a/drivers/net/bonding/bond_3ad.c
+++ b/drivers/net/bonding/bond_3ad.c
@@ -2327,32 +2327,32 @@ int bond_3ad_set_carrier(struct bonding *bond)
{
struct aggregator *active;
struct slave *first_slave;
+ int ret = 1;
rcu_read_lock();
first_slave = bond_first_slave_rcu(bond);
- rcu_read_unlock();
- if (!first_slave)
- return 0;
+ if (!first_slave) {
+ ret = 0;
+ goto out;
+ }
active = __get_active_agg(&(SLAVE_AD_INFO(first_slave).aggregator));
if (active) {
/* are enough slaves available to consider link up? */
if (active->num_of_ports < bond->params.min_links) {
if (netif_carrier_ok(bond->dev)) {
netif_carrier_off(bond->dev);
- return 1;
+ goto out;
}
} else if (!netif_carrier_ok(bond->dev)) {
netif_carrier_on(bond->dev);
- return 1;
+ goto out;
}
- return 0;
- }
-
- if (netif_carrier_ok(bond->dev)) {
+ } else if (netif_carrier_ok(bond->dev)) {
netif_carrier_off(bond->dev);
- return 1;
}
- return 0;
+out:
+ rcu_read_unlock();
+ return ret;
}
/**
--
1.8.4
^ permalink raw reply related [flat|nested] 5+ messages in thread* [PATCH v4 net-next 2/3] bonding: fix __get_first_agg RCU usage
2014-01-10 10:59 [PATCH v4 net-next 0/3] bonding: fix bond_3ad RCU usage Veaceslav Falico
2014-01-10 10:59 ` [PATCH v4 net-next 1/3] bonding: fix bond_3ad_set_carrier() " Veaceslav Falico
@ 2014-01-10 10:59 ` Veaceslav Falico
2014-01-10 10:59 ` [PATCH v4 net-next 3/3] bonding: fix __get_active_agg() RCU logic Veaceslav Falico
2014-01-14 6:22 ` [PATCH v4 net-next 0/3] bonding: fix bond_3ad RCU usage David Miller
3 siblings, 0 replies; 5+ messages in thread
From: Veaceslav Falico @ 2014-01-10 10:59 UTC (permalink / raw)
To: netdev; +Cc: Veaceslav Falico, dingtianhong, Jay Vosburgh, Andy Gospodarek
Currently, the RCU read lock usage is just wrong - it gets the slave struct
under RCU and continues to use it when RCU lock is released.
However, it's still safe to do this cause we didn't need the
rcu_read_lock() initially - all of the __get_first_agg() callers are either
holding RCU read lock or the RTNL lock, so that we can't sync while in it.
Fixes: be79bd048 ("bonding: add RCU for bond_3ad_state_machine_handler()")
CC: dingtianhong@huawei.com
CC: Jay Vosburgh <fubar@us.ibm.com>
CC: Andy Gospodarek <andy@greyhouse.net>
Signed-off-by: Veaceslav Falico <vfalico@redhat.com>
---
Notes:
v3 -> v4: add rcu_read_lock() to silence lockdep.
v2 -> v3:
Use the rcu primitives.
v1 -> v2:
Don't use RCU primitives as we can hold RTNL.
drivers/net/bonding/bond_3ad.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/drivers/net/bonding/bond_3ad.c b/drivers/net/bonding/bond_3ad.c
index da0d7c5..b49f421 100644
--- a/drivers/net/bonding/bond_3ad.c
+++ b/drivers/net/bonding/bond_3ad.c
@@ -143,11 +143,13 @@ static inline struct bonding *__get_bond_by_port(struct port *port)
*
* Return the aggregator of the first slave in @bond, or %NULL if it can't be
* found.
+ * The caller must hold RCU or RTNL lock.
*/
static inline struct aggregator *__get_first_agg(struct port *port)
{
struct bonding *bond = __get_bond_by_port(port);
struct slave *first_slave;
+ struct aggregator *agg;
/* If there's no bond for this port, or bond has no slaves */
if (bond == NULL)
@@ -155,9 +157,10 @@ static inline struct aggregator *__get_first_agg(struct port *port)
rcu_read_lock();
first_slave = bond_first_slave_rcu(bond);
+ agg = first_slave ? &(SLAVE_AD_INFO(first_slave).aggregator) : NULL;
rcu_read_unlock();
- return first_slave ? &(SLAVE_AD_INFO(first_slave).aggregator) : NULL;
+ return agg;
}
/**
--
1.8.4
^ permalink raw reply related [flat|nested] 5+ messages in thread* [PATCH v4 net-next 3/3] bonding: fix __get_active_agg() RCU logic
2014-01-10 10:59 [PATCH v4 net-next 0/3] bonding: fix bond_3ad RCU usage Veaceslav Falico
2014-01-10 10:59 ` [PATCH v4 net-next 1/3] bonding: fix bond_3ad_set_carrier() " Veaceslav Falico
2014-01-10 10:59 ` [PATCH v4 net-next 2/3] bonding: fix __get_first_agg " Veaceslav Falico
@ 2014-01-10 10:59 ` Veaceslav Falico
2014-01-14 6:22 ` [PATCH v4 net-next 0/3] bonding: fix bond_3ad RCU usage David Miller
3 siblings, 0 replies; 5+ messages in thread
From: Veaceslav Falico @ 2014-01-10 10:59 UTC (permalink / raw)
To: netdev; +Cc: Veaceslav Falico, dingtianhong, Jay Vosburgh, Andy Gospodarek
Currently, the implementation is meaningless - once again, we take the
slave structure and use it after we've exited RCU critical section.
Fix this by removing the rcu_read_lock() from __get_active_agg(), and
ensuring that all its callers are holding RCU.
Fixes: be79bd048 ("bonding: add RCU for bond_3ad_state_machine_handler()")
CC: dingtianhong@huawei.com
CC: Jay Vosburgh <fubar@us.ibm.com>
CC: Andy Gospodarek <andy@greyhouse.net>
Signed-off-by: Veaceslav Falico <vfalico@redhat.com>
---
Notes:
v2 -> v3:
Use the RCU primitives.
v1 -> v2:
Don't use RCU primitives as we can hold RTNL.
drivers/net/bonding/bond_3ad.c | 10 ++++------
1 file changed, 4 insertions(+), 6 deletions(-)
diff --git a/drivers/net/bonding/bond_3ad.c b/drivers/net/bonding/bond_3ad.c
index b49f421..cce1f1b 100644
--- a/drivers/net/bonding/bond_3ad.c
+++ b/drivers/net/bonding/bond_3ad.c
@@ -678,6 +678,8 @@ static u32 __get_agg_bandwidth(struct aggregator *aggregator)
/**
* __get_active_agg - get the current active aggregator
* @aggregator: the aggregator we're looking at
+ *
+ * Caller must hold RCU lock.
*/
static struct aggregator *__get_active_agg(struct aggregator *aggregator)
{
@@ -685,13 +687,9 @@ static struct aggregator *__get_active_agg(struct aggregator *aggregator)
struct list_head *iter;
struct slave *slave;
- rcu_read_lock();
bond_for_each_slave_rcu(bond, slave, iter)
- if (SLAVE_AD_INFO(slave).aggregator.is_active) {
- rcu_read_unlock();
+ if (SLAVE_AD_INFO(slave).aggregator.is_active)
return &(SLAVE_AD_INFO(slave).aggregator);
- }
- rcu_read_unlock();
return NULL;
}
@@ -1499,11 +1497,11 @@ static void ad_agg_selection_logic(struct aggregator *agg)
struct slave *slave;
struct port *port;
+ rcu_read_lock();
origin = agg;
active = __get_active_agg(agg);
best = (active && agg_device_up(active)) ? active : NULL;
- rcu_read_lock();
bond_for_each_slave_rcu(bond, slave, iter) {
agg = &(SLAVE_AD_INFO(slave).aggregator);
--
1.8.4
^ permalink raw reply related [flat|nested] 5+ messages in thread* Re: [PATCH v4 net-next 0/3] bonding: fix bond_3ad RCU usage
2014-01-10 10:59 [PATCH v4 net-next 0/3] bonding: fix bond_3ad RCU usage Veaceslav Falico
` (2 preceding siblings ...)
2014-01-10 10:59 ` [PATCH v4 net-next 3/3] bonding: fix __get_active_agg() RCU logic Veaceslav Falico
@ 2014-01-14 6:22 ` David Miller
3 siblings, 0 replies; 5+ messages in thread
From: David Miller @ 2014-01-14 6:22 UTC (permalink / raw)
To: vfalico; +Cc: netdev, dingtianhong, fubar, andy
From: Veaceslav Falico <vfalico@redhat.com>
Date: Fri, 10 Jan 2014 11:59:42 +0100
> While digging through bond_3ad.c I've found that the RCU usage there is
> just wrong - it's used as a kind of mutex/spinlock instead of RCU.
>
> v3->v4: remove useless goto and wrap __get_first_agg() in proper RCU.
>
> v2->v3: make bond_3ad_set_carrier() use RCU read lock for the whole
> function, so that all other functions will be protected by RCU as well.
> This way we can use _rcu variants everywhere.
>
> v1->v2: use generic primitives instead of _rcu ones cause we can hold RTNL
> lock without RCU one, which is still safe.
>
> This patchset is on top of bond_3ad.c cleanup:
> http://www.spinics.net/lists/netdev/msg265447.html
Series applied, thank you.
^ permalink raw reply [flat|nested] 5+ messages in thread